Voila j'ai une grande besoin d'aide. après plusieurs lecture de post et bidouillage sur le pc je n'arrive toujours pas a me débarrassé de ce foutu win 32.

Il me bloque un peu l'accès a internet (certaines pages comme hotmail ou google par exemple).

J'ai un grand besoin de votre aide.

merci

voici le rapport hijackthis si sa peut vois aidez

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:28:12, on 14/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\EZ-Backup\EZ-Backup Manager\EzBackup.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Documents and Settings\alex\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Documents and Settings\alex\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ircdown.com/fr/index.ph [...] d=79919274
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: (no name) - {60270dc7-9ea0-472f-9b77-66652c06246e} - (no file)
R3 - URLSearchHook: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll (file missing)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {60270dc7-9ea0-472f-9b77-66652c06246e} - (no file)
O3 - Toolbar: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - (no file)
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
O4 - HKLM\..\Run: [Launch Ai Booster] "C:\Program Files\ASUS\AI Booster\OverClk.exe"
O4 - HKLM\..\Run: [EzBackup Manager] C:\Program Files\EZ-Backup\EZ-Backup Manager\ezbackupmanager.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [PKR Pal] "C:\Program Files\PKR\pkrpal.exe" -osboot
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [d82f10e6] rundll32.exe "C:\WINDOWS\system32\kjppytrx.dll",b
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [BMdb1c237a] Rundll32.exe "C:\WINDOWS\system32\phpatbtp.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Chinsoap] C:\DOCUME~1\alex\APPLIC~1\CREATI~1\oozecitydrive.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [RogueMonitor] C:\Program Files\RogueRemover PRO\RogueRemoverPRO.exe /monitor
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\alex\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FB6809D-371D-4E3B-ADC3-3C749B577E9A}: NameServer = 192.168.1.1,80.10.246.132
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FB6809D-371D-4E3B-ADC3-3C749B577E9A}: NameServer = 192.168.1.1,80.10.246.132
O17 - HKLM\System\CS2\Services\Tcpip\..\{0FB6809D-371D-4E3B-ADC3-3C749B577E9A}: NameServer = 192.168.1.1,80.10.246.132
O20 - AppInit_DLLs: cvcpou.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: EZ-Backup Manager - Unknown owner - C:\Program Files\EZ-Backup\EZ-Backup Manager\EzBackup.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 13266 bytes

Bonjour,

Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) !

• Télécharge ComboFix (sUBs) sur ton Bureau.
• Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
• Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer

désolé sa à été un peu long pour créé le rapport...

je peut relancer ma protection résidente ou pas maintenant?

ComboFix 08-09-13.05 - alex 2008-09-14 20:23:04.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1345 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\alex\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\alex\Cookies\alex@bluestreak[3].txt
C:\WINDOWS\BMdb1c237a.txt
C:\WINDOWS\BMdb1c237a.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\search_res.txt
C:\WINDOWS\system32\ajttwiek.ini
C:\WINDOWS\system32\bjqdomtg.ini
C:\WINDOWS\system32\byXRkjji.dll
C:\WINDOWS\system32\cbjmbrot.ini
C:\WINDOWS\system32\cmkvqahe.ini
C:\WINDOWS\system32\cofgohek.ini
C:\WINDOWS\system32\cptsmocl.ini
C:\WINDOWS\system32\ctlqskfa.ini
C:\WINDOWS\system32\dmsiueyx.ini
C:\WINDOWS\system32\emgkfcal.ini
C:\WINDOWS\system32\fhmpyull.ini
C:\WINDOWS\system32\iftkaujy.ini
C:\WINDOWS\system32\ijjkRXyb.ini
C:\WINDOWS\system32\ijjkRXyb.ini2
C:\WINDOWS\system32\jmllm.ini
C:\WINDOWS\system32\jmllm.ini2
C:\WINDOWS\system32\jwgjhqyg.ini
C:\WINDOWS\system32\kjkmp.ini
C:\WINDOWS\system32\kjkmp.ini2
C:\WINDOWS\system32\kjppytrx.dll
C:\WINDOWS\system32\kohpbrqg.ini
C:\WINDOWS\system32\lsjpdjql.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\movwjcqv.ini
C:\WINDOWS\system32\obssokoo.ini
C:\WINDOWS\system32\phpatbtp.dll
C:\WINDOWS\system32\plqoqiby.ini
C:\WINDOWS\system32\pxftjqks.ini
C:\WINDOWS\system32\qphfxhua.ini
C:\WINDOWS\system32\rbjrkmte.ini
C:\WINDOWS\system32\scynkrxb.ini
C:\WINDOWS\system32\smtcfsbb.ini
C:\WINDOWS\system32\spatvfuy.ini
C:\WINDOWS\system32\tcdearcm.ini
C:\WINDOWS\system32\tesorarp.ini
C:\WINDOWS\system32\tqwnrmfd.ini
C:\WINDOWS\system32\uessttkk.ini
C:\WINDOWS\system32\vsnqilbw.ini
C:\WINDOWS\system32\xrtyppjk.ini

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s du 2008-08-14 au 2008-09-14 ))))))))))))))))))))))))))))))))))))
.

2008-09-14 19:27 . 2008-09-14 19:27 <REP> d-------- C:\Program Files\Trend Micro
2008-09-14 19:16 . 2008-09-14 19:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-14 19:16 . 2008-09-14 19:16 <REP> d-------- C:\Documents and Settings\alex\Application Data\Malwarebytes
2008-09-14 19:16 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-14 19:16 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-14 19:15 . 2008-09-14 19:16 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-14 18:23 . 2008-09-14 18:50 <REP> d-------- C:\WINDOWS\system32\CatRoot
2008-09-14 17:20 . 2008-09-14 17:20 7,168 --ahs---- C:\WINDOWS\Thumbs.db
2008-09-14 15:43 . 2008-09-14 15:43 111,616 --a------ C:\WINDOWS\system32\wlmndlyv.dll
2008-09-14 15:43 . 2008-09-14 15:43 111,616 --a------ C:\WINDOWS\system32\cvcpou.dll
2008-08-19 17:39 . 2008-09-08 15:59 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-08-19 17:39 . 2008-08-19 17:39 1,409 --a------ C:\WINDOWS\QTFont.for

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-14 16:22 --------- d-----w C:\Program Files\Wanadoo
2008-09-14 16:03 --------- d-----w C:\Documents and Settings\alex\Application Data\MegauploadToolbar
2008-09-14 15:21 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-09-14 15:21 --------- d-----w C:\Program Files\DivX
2008-09-14 15:21 --------- d-----w C:\Program Files\CSO-DAX Compressor
2008-09-14 15:21 --------- d-----w C:\Program Files\Counter-Strike Source
2008-09-14 15:21 --------- d-----w C:\Program Files\ASUS WiFi-AP Solo(2)
2008-09-14 15:21 --------- d-----w C:\Program Files\ASUS WiFi-AP Solo
2008-09-14 14:56 32,602,144 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-09-14 01:01 378,860 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-09-10 14:44 --------- d-----w C:\Program Files\Java
2008-08-24 18:04 --------- d-----w C:\Documents and Settings\alex\Application Data\OpenOffice.org2
2008-08-14 20:00 --------- d-----w C:\Program Files\SpeedBitPlus
2008-08-08 22:34 --------- d-----w C:\Documents and Settings\alex\Application Data\ImgBurn
2008-08-08 08:21 --------- d-----w C:\Program Files\ImgBurn
2008-08-05 23:31 --------- d-----w C:\Program Files\eMule
2008-08-03 16:08 --------- d-----w C:\Program Files\Internet Download Manager
2008-08-02 15:01 --------- d-----w C:\Documents and Settings\alex\Application Data\Megaupload
2008-08-02 15:00 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-02 15:00 --------- d-----w C:\Program Files\MegauploadToolbar
2008-08-02 15:00 --------- d-----w C:\Program Files\Megaupload
2008-07-31 19:14 --------- d-----w C:\Documents and Settings\alex\Application Data\IDM
2008-07-31 18:16 360,320 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL
2008-07-31 18:16 360,320 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS
2008-07-31 17:42 --------- d-----w C:\Documents and Settings\alex\Application Data\DMCache
2008-07-31 17:41 --------- d-----w C:\Program Files\Best_Security_Tips
2008-07-31 17:15 --------- d-----w C:\Program Files\DAP
2008-07-31 17:13 2,560 ----a-w C:\WINDOWS\_MSRSTRT.EXE
2008-07-31 17:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\SpeedBit
2008-07-31 17:12 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-31 16:56 --------- d-----w C:\Program Files\Conduit
2008-07-31 16:52 --------- d-----w C:\Program Files\Google
2008-07-28 20:34 22,488 ----a-w C:\Documents and Settings\alex\Application Data\GDIPFONTCACHEV1.DAT
2008-07-28 19:12 --------- d-----w C:\Program Files\SpeedBid
2008-07-25 12:05 --------- d-----w C:\Documents and Settings\alex\Application Data\Media Player Classic
2008-07-25 10:13 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-07-25 09:59 --------- d-----w C:\Documents and Settings\alex\Application Data\dvdcss
2008-07-20 14:45 --------- d-----w C:\Program Files\OpenOffice.org 2.4
2008-07-14 16:08 --------- d-----w C:\Program Files\Virtools
2008-07-05 10:58 499 ---ha-w C:\os847477.bin
.

------- Sigcheck -------

2006-03-02 14:00 14336 2979b03d5382a602623c0535b16ab9c0 C:\WINDOWS\system32\svchost.exe
2006-03-02 14:00 14336 2979b03d5382a602623c0535b16ab9c0 C:\WINDOWS\system32\dllcache\svchost.exe

2005-03-02 20:20 578048 c34920eb988ce98910bd6b0417f334eb C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
2007-03-08 17:50 579072 4d88aaf39adabfe45958ea1384e2c4ff C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
2006-03-02 14:00 578048 61c8c283ad063bb697ae61a155c64a5a C:\WINDOWS\$NtUninstallKB890859$\user32.dll
2005-03-02 20:10 578048 0df75fb73f705b011630159a43d7c354 C:\WINDOWS\$NtUninstallKB925902$\user32.dll
2007-03-08 17:37 578560 753354f594809a9b96f73999b435a533 C:\WINDOWS\system32\user32.dll
2007-03-08 17:37 578560 753354f594809a9b96f73999b435a533 C:\WINDOWS\system32\dllcache\user32.dll

2006-03-02 14:00 82944 eed74b969b2ca1acc558ff60fb420e28 C:\WINDOWS\system32\ws2_32.dll
2006-03-02 14:00 82944 eed74b969b2ca1acc558ff60fb420e28 C:\WINDOWS\system32\dllcache\ws2_32.dll

2007-06-26 16:36 669696 19058fbdc72f7bae085369c6d0a7d074 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\wininet.dll
2007-06-27 16:14 824320 7201d19b81883b57d5ffe8ebb5a83e8b C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll
2007-08-20 11:49 825344 2dd1b0f579c80562edcb8848ff7ea9f6 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
2007-10-11 01:22 825344 871ae10d6ae8877e9636ae5017953d52 C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
2007-12-07 03:42 825344 f4fd487241d3ac291046a22cebd2cf71 C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
2008-03-01 14:34 827392 5a0093f59b505c008ed0cee615563c72 C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
2008-04-23 09:19 827392 78d3d2b0be6ad3e6d82ccb115cf74310 C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
2008-06-23 17:40 827904 52589bae67dd9859724287372668690b C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
2007-06-26 16:12 663040 889269134af28b2142f47a337ca3a1cd C:\WINDOWS\$NtUninstallKB937143$\wininet.dll
2006-03-02 14:00 660480 4e958b97efc3d801f49283d1820f48b7 C:\WINDOWS\$NtUninstallKB937143_0$\wininet.dll
2007-06-26 16:36 669696 19058fbdc72f7bae085369c6d0a7d074 C:\WINDOWS\ie7\wininet.dll
2006-11-07 21:03 818688 92995334f993e6e49c25c6d02ec04401 C:\WINDOWS\ie7updates\KB937143-IE7\wininet.dll
2007-06-27 15:24 823808 2274862267d7445e7010d9af826e89c3 C:\WINDOWS\ie7updates\KB939653-IE7\wininet.dll
2007-08-20 11:59 815616 73106e5d190e0d0a88d1fed88ba629f2 C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
2007-10-11 01:49 824832 bc5119c53bdd48dabc628d448a3bdccb C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
2007-12-07 04:08 824832 4fc90bece54fac81b0090b94e27bfb6b C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
2008-03-01 14:58 826368 8e027981ddffa690d456fe18b37415a0 C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
2008-04-23 06:16 826368 02d6aabd5f5a32c61478b5cdfe50e4a8 C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll
2008-06-23 18:28 826368 ac0bd61dc2c64906fbfe50e005fefa2c C:\WINDOWS\system32\wininet.dll
2008-06-23 18:28 826368 ac0bd61dc2c64906fbfe50e005fefa2c C:\WINDOWS\system32\dllcache\wininet.dll

2006-04-20 14:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
2007-10-30 18:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
2008-06-20 12:44 360960 744e57c99232201ae98c49168b918f48 C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
2008-06-20 13:51 361600 9aefa14bd6b182d61e3119fa5f436d3d C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
2008-06-20 13:59 361600 ad978a1b783b5719720cff204b666c8e C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
2006-03-02 14:00 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
2006-04-20 13:51 359808 1dbf125862891817f374f407626967f4 C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
2007-10-30 19:20 360064 90caff4b094573449a0872a0f919b178 C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
2008-07-31 20:16 360320 073941d59ae065910064b728dee981ee C:\WINDOWS\system32\dllcache\TCPIP.SYS
2008-07-31 20:16 360320 073941d59ae065910064b728dee981ee C:\WINDOWS\system32\drivers\TCPIP.SYS

2006-03-02 14:00 506368 123eea158f74d0f67a51dcdf065d1091 C:\WINDOWS\system32\winlogon.exe
2006-03-02 14:00 506368 123eea158f74d0f67a51dcdf065d1091 C:\WINDOWS\system32\dllcache\winlogon.exe

2006-03-02 14:00 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache\ndis.sys
2006-03-02 14:00 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys

2006-03-02 14:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\dllcache\ip6fw.sys
2006-03-02 14:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys

2005-03-02 20:13 2059008 5311776074b6c13f983dc75baeac9c0c C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
2007-02-28 18:08 2061440 7a56a64eb50399613587e90292dd2aab C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
2006-03-02 14:00 2017280 35567c8c50986c2bc5c3efd79cb045e4 C:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe
2005-03-02 20:08 2017280 50b3a210b6fa8d3089a36a32e7d8b21f C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe
2007-02-28 18:02 2059648 a1d5231403329478ae4fe2778c55c77f C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
2007-02-28 18:02 2017792 11c942f6519575079baa9f14aee35e88 C:\WINDOWS\system32\ntkrnlpa.exe
2007-02-28 18:02 2059648 a1d5231403329478ae4fe2778c55c77f C:\WINDOWS\system32\dllcache\ntkrnlpa.exe

2005-03-02 20:13 2181632 3e2a0a4a0c0b19fc113618a9562a3b2a C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
2007-02-28 18:08 2184192 8e244108562e0e452eb68dff64cb08a9 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
2006-03-02 14:00 2150400 36f32a5a83df734e022734d93860a9a4 C:\WINDOWS\$NtUninstallKB890859$\ntoskrnl.exe
2005-03-02 20:07 2137600 e75f7aa5a33479f29c636fd0890f5762 C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe
2007-02-28 18:02 2182400 7d6d19aac51a4325f6039f083c22303c C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
2007-02-28 18:02 2138112 c7a39c47c064ae50417a944b60f37b6a C:\WINDOWS\system32\ntoskrnl.exe
2007-02-28 18:02 2182400 7d6d19aac51a4325f6039f083c22303c C:\WINDOWS\system32\dllcache\ntoskrnl.exe

2007-06-13 15:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2006-03-02 14:00 1036288 2a7bd330924252a2fd80344fc949bb72 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 15:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe

2006-03-02 14:00 108544 63dcde1a0d86eeb8924d6738ff616ead C:\WINDOWS\system32\services.exe
2006-03-02 14:00 108544 63dcde1a0d86eeb8924d6738ff616ead C:\WINDOWS\system32\dllcache\services.exe

2006-03-02 14:00 13312 259af82a0932eea4f316f92db94707b6 C:\WINDOWS\system32\lsass.exe
2006-03-02 14:00 13312 259af82a0932eea4f316f92db94707b6 C:\WINDOWS\system32\dllcache\lsass.exe

2006-03-02 14:00 15360 64e41e8fee655b03e3f19ded21ba5118 C:\WINDOWS\system32\ctfmon.exe
2006-03-02 14:00 15360 64e41e8fee655b03e3f19ded21ba5118 C:\WINDOWS\system32\dllcache\ctfmon.exe

2005-06-11 02:17 57856 ad3d9d191aea7b5445fe1d82ffbb4788 C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
2006-03-02 14:00 57856 df9fc62ad51cb082b0ae371919a232cb C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe
2005-06-11 01:53 57856 da81ec57acd4cdc3d4c51cf3d409af9f C:\WINDOWS\system32\spoolsv.exe
2005-06-11 01:53 57856 da81ec57acd4cdc3d4c51cf3d409af9f C:\WINDOWS\system32\dllcache\spoolsv.exe

2007-07-30 19:19 68440 84d9a61860272d6177d46c86b8431557 C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 68440 84d9a61860272d6177d46c86b8431557 C:\WINDOWS\system32\dllcache\wuauclt.exe

2006-03-02 14:00 25088 84717891f0734c611721f56c60b5fbc3 C:\WINDOWS\system32\userinit.exe
2006-03-02 14:00 25088 84717891f0734c611721f56c60b5fbc3 C:\WINDOWS\system32\dllcache\userinit.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0dbb53e7-e491-4fa1-a82f-9a0576d0cab4}]
2008-09-14 15:43 111616 --a------ C:\WINDOWS\system32\cvcpou.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 2097488]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-04-01 3587120]
"RogueMonitor"="C:\Program Files\RogueRemover PRO\RogueRemoverPRO.exe" [2008-02-24 421568]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-07-31 171448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="C:\WINDOWS\JM\JMInsIDE.exe" [2006-10-30 36864]
"36X Raid Configurer"="C:\WINDOWS\system32\JMRaidSetup.exe" [2006-11-16 1953792]
"AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe" [2006-11-14 363008]
"Launch Ai Booster"="C:\Program Files\ASUS\AI Booster\OverClk.exe" [2006-12-08 3714048]
"EzBackup Manager"="C:\Program Files\EZ-Backup\EZ-Backup Manager\ezbackupmanager.exe" [2006-08-15 1902080]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 7630848]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-11 86016]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"EPSON Stylus DX4800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE" [2005-02-02 98304]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-31 385024]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe" [2008-04-01 61440]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-12-13 919016]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 C:\WINDOWS\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2006-08-11 C:\WINDOWS\system32\nwiz.exe]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 C:\WINDOWS\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 02:42 72208 c:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=cvcpou.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^alex^Menu Démarrer^Programmes^Démarrage^Morpheus.lnk]
path=C:\Documents and Settings\alex\Menu Démarrer\Programmes\Démarrage\Morpheus.lnk
backup=C:\WINDOWS\pss\Morpheus.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-02-19 13:10 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-03-28 19:12 1271032 C:\Valve\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
--a------ 2004-08-23 14:50 122880 C:\PROGRA~1\Wanadoo\Shell.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"=
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"=
"C:\\Program Files\\Microsoft Games\\Rise of Nations\\thrones.exe"=
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3x.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\WINDOWS\\system32\\winver.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 EZ-Backup Manager;EZ-Backup Manager;C:\Program Files\EZ-Backup\EZ-Backup Manager\EzBackup.exe [2006-08-15 1124352]
R2 PStrip;PStrip;C:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 27992]
S2 P1C1394;Phase One 1394 Camera Driver;C:\WINDOWS\system32\Drivers\p1c1394.sys [ ]
S3 Boonty Games;Boonty Games;C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2007-11-30 69120]
S3 jnv4_mib;jnv4_mib;C:\DOCUME~1\alex\LOCALS~1\Temp\jnv4_mib.sys [ ]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-09-05 176128]
S3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [2006-06-23 13532]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83c5617c-0d37-11dd-a098-001bfc9a14ef}]
\Shell\AutoRun\command - E:\LaunchU3.exe
.
Contenu du dossier 'Tƒches planifi‚es'
.
- - - - ORPHELINS SUPPRIMES - - - -

URLSearchHooks-{60270dc7-9ea0-472f-9b77-66652c06246e} - (no file)
URLSearchHooks-{da30eff8-ccc6-4162-a20d-67402a26a215} - (no file)
BHO-{066c17ae-b1b5-4d95-af79-abcbb159f1de} - (no file)
BHO-{06f68b55-b87d-4497-bbd7-09fafb84e171} - (no file)
BHO-{07F4FF43-6BBB-49D4-A91E-B0A1F3EE2FD5} - (no file)
BHO-{1B2F9357-DD68-4418-9FD0-95EF6396295E} - C:\WINDOWS\system32\pmkjk.dll
BHO-{20DAC1E8-FD1B-48F4-9CC8-1A842B405D44} - C:\WINDOWS\system32\byXRkjji.dll
BHO-{235B90D6-CB93-40A6-8F1A-AF422ADA9637} - C:\WINDOWS\system32\opnnkJAS.dll
BHO-{2A12D849-AB1F-4913-B6E4-E0597A9B95DB} - (no file)
BHO-{33FE876F-E70C-4394-9C22-374EA21D77CA} - (no file)
BHO-{354c000c-7eef-483e-885b-ea9112f1f33f} - (no file)
BHO-{384FC50F-D20A-405A-AD7B-59837691FC0D} - (no file)
BHO-{3D4B5710-416E-4513-A537-9B9B8777DBAD} - (no file)
BHO-{44efa9b4-3a6a-48bb-a4c7-32198c2c41f8} - (no file)
BHO-{46e4f9fb-c116-4ce8-8da7-de316854840e} - (no file)
BHO-{49A93912-B523-4F3E-901D-7BC6A9FBCC52} - (no file)
BHO-{4fb93583-01c8-4c91-8f22-40168d8ba6f6} - (no file)
BHO-{5224A8ED-C9E9-44F8-8BD2-976A197BA9AA} - (no file)
BHO-{5F3388F7-D4EA-4C5A-9978-1F5473AC434E} - (no file)
BHO-{66CDCA38-B7AA-4A0A-9330-8383E4423BD4} - (no file)
BHO-{6BCDFF5A-AE00-47EC-9C23-23D61997AF55} - (no file)
BHO-{7c0df67c-397d-4811-ae26-cb5ce10bedd1} - (no file)
BHO-{8B92ADCE-4AD9-4535-BACB-D67B49B56C8D} - (no file)
BHO-{9466AD5A-3E3E-4096-AD12-C48796CFBE39} - (no file)
BHO-{98EAA618-7DCC-4CB9-B8A8-AD15A1DBB134} - (no file)
BHO-{9a986cf4-b20b-4112-b9e9-d644dc543230} - (no file)
BHO-{9F40D693-A891-45D2-9684-6631239E96A9} - (no file)
BHO-{A25C62BF-7420-49D0-AB68-E91D8D236190} - (no file)
BHO-{A747771C-068C-49AD-9CC3-9FC1ACA9C2B1} - (no file)
BHO-{A91DBAE8-B5C7-40B6-AB12-80094AFC3A5C} - (no file)
BHO-{AA5F3D25-E7CA-454A-A879-C727F75B76AD} - (no file)
BHO-{AB12D4AF-F427-463C-B44B-E7096F8437F3} - (no file)
BHO-{AEF89920-F8A5-4061-BE4F-F1F4DDA49314} - (no file)
BHO-{B070B224-C71C-41B1-8C0E-6E4AD2C271EF} - (no file)
BHO-{b2b95120-8ab0-4140-86a0-cb662e189101} - (no file)
BHO-{B66BDC05-7D23-4982-8582-D92D40631D1A} - (no file)
BHO-{BE031064-6D7D-46A0-A862-699AE70F66BA} - (no file)
BHO-{BE6D6CC8-2CCF-4854-B888-8B379EDE3F8D} - (no file)
BHO-{BEE91C6D-0985-43FA-B1B1-C7B321C2BA8E} - C:\WINDOWS\system32\mllmj.dll
BHO-{BF20401D-8103-4372-9655-58F3D3660110} - (no file)
BHO-{C65D182C-E99D-49D3-A14C-D415C15768B5} - (no file)
BHO-{C90B20E2-3A6C-40AA-A9A6-9BF7FF0D3519} - (no file)
BHO-{CB5AEE50-9C87-48FB-A580-92BDCE36C235} - (no file)
BHO-{CC959439-1B36-42DF-A5C7-25244B915C08} - (no file)
BHO-{CD95999F-5303-48D1-8D27-AADE571FF21A} - (no file)
BHO-{dd996275-9983-460b-8fbc-b50b398edb18} - (no file)
BHO-{e4ba913e-fa1d-4375-a949-5339defa13a2} - (no file)
BHO-{E8673979-960B-455E-87CF-33B39B496684} - (no file)
BHO-{ECDB82B1-7D18-4FAB-9F40-BACA4B63607A} - (no file)
BHO-{ECE4989A-5BAD-4B48-9989-E04A85258F2B} - (no file)
BHO-{EF9B76DA-6A4A-42EB-B2FD-6F0E94E179BA} - (no file)
BHO-{F812B885-4BC0-40EF-9C79-42F940426053} - (no file)
BHO-{FA6ABE57-E315-4C0F-ACC2-B50E869C37F0} - (no file)
BHO-{FC2E514F-07EA-4BCB-995C-5FDD235DE008} - (no file)
Toolbar-{60270dc7-9ea0-472f-9b77-66652c06246e} - (no file)
Toolbar-{da30eff8-ccc6-4162-a20d-67402a26a215} - (no file)
WebBrowser-{60270DC7-9EA0-472F-9B77-66652C06246E} - (no file)
WebBrowser-{DA30EFF8-CCC6-4162-A20D-67402A26A215} - (no file)
HKCU-Run-Chinsoap - C:\DOCUME~1\alex\APPLIC~1\CREATI~1\oozecitydrive.exe
HKLM-Run-PKR Pal - C:\Program Files\PKR\pkrpal.exe
HKLM-Run-d82f10e6 - C:\WINDOWS\system32\kjppytrx.dll
HKLM-Run-BMdb1c237a - C:\WINDOWS\system32\phpatbtp.dll
HKLM-Run-EoEngine - (no file)
HKLM-Run-EoMetro - (no file)
HKLM-Run-EoFlip - (no file)
ShellExecuteHooks-{235B90D6-CB93-40A6-8F1A-AF422ADA9637} - C:\WINDOWS\system32\opnnkJAS.dll
Notify-opnnkJAS - opnnkJAS.dll
Notify-winetn32 - winetn32.dll


.
------- Examen suppl‚mentaire -------
.
FireFox -: Profile - C:\Documents and Settings\alex\Application Data\Mozilla\Firefox\Profiles\k7a4p6o7.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1703502&SearchSource=3&q=
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npagent.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
FF -: plugin - C:\Program Files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF -: plugin - C:\Program Files\Virtools\3D Life Player\npvirtools.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-14 20:43:28
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cach‚s ...

Recherche d'‚l‚ments en d‚marrage automatique cach‚s ...

Recherche de fichiers cach‚s ...

Scan termin‚ avec succŠs
Fichiers cach‚s: 0

**************************************************************************
.
--------------------- DLLs charg‚es dans les processus actifs ---------------------

PROCESSUS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
-> C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Documents and Settings\alex\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\alex\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.exe
C:\WINDOWS\system32\verclsid.exe
.
**************************************************************************
.
Heure de fin: 2008-09-14 20:57:23 - La machine a red‚marr‚
ComboFix-quarantined-files.txt 2008-09-14 18:57:19

Avant-CF: 78,235,516,928 octets libres
AprŠs-CF: 82,349,654,016 octets libres

416 --- E O F --- 2008-09-11 00:36:00

Analyse le fichier suivant sur VirusTotal puis poste le rapport :
C:\WINDOWS\system32\cvcpou.dll

voila voila

Fichier ksthoe.dll reçu le 2008.09.14 19:12:44 (CET)
Situation actuelle: terminé
Résultat: 8/36 (22.22%)
Formaté Formaté
Impression des résultats Impression des résultats
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.9.13.0 2008.09.12 -
AntiVir 7.8.1.28 2008.09.12 -
Authentium 5.1.0.4 2008.09.14 -
Avast 4.8.1195.0 2008.09.13 -
AVG 8.0.0.161 2008.09.14 -
BitDefender 7.2 2008.09.14 Trojan.Vundo.FKW
CAT-QuickHeal 9.50 2008.09.13 -
ClamAV 0.93.1 2008.09.14 -
DrWeb 4.44.0.09170 2008.09.14 -
eSafe 7.0.17.0 2008.09.14 Suspicious File
eTrust-Vet 31.6.6086 2008.09.12 -
Ewido 4.0 2008.09.14 -
F-Prot 4.4.4.56 2008.09.14 -
F-Secure 8.0.14332.0 2008.09.14 -
Fortinet 3.113.0.0 2008.09.14 -
GData 19 2008.09.14 -
Ikarus T3.1.1.34.0 2008.09.14 -
K7AntiVirus 7.10.454 2008.09.13 -
Kaspersky 7.0.0.125 2008.09.14 -
McAfee 5383 2008.09.12 -
Microsoft 1.3903 2008.09.14 -
NOD32v2 3440 2008.09.13 -
Norman 5.80.02 2008.09.12 -
Panda 9.0.0.4 2008.09.14 -
PCTools 4.4.2.0 2008.09.14 -
Prevx1 V2 2008.09.14 Cloaked Malware
Rising 20.61.42.00 2008.09.12 Packer.Win32.Agent.v
Sophos 4.33.0 2008.09.14 Sus/Behav-278
Sunbelt 3.1.1633.1 2008.09.13 -
Symantec 10 2008.09.14 Trojan.Vundo
TheHacker 6.3.0.9.082 2008.09.14 -
TrendMicro 8.700.0.1004 2008.09.12 PAK_Generic.001
VBA32 3.12.8.5 2008.09.14 -
ViRobot 2008.9.12.1375 2008.09.12 -
VirusBuster 4.5.11.0 2008.09.14 -
Webwasher-Gateway 6.6.2 2008.09.14 Win32.Malware.gen (suspicious)
Information additionnelle
File size: 111616 bytes
MD5...: d270b10b275d76d1a8d5ff35fecd10e2
SHA1..: a8879d1287ea63d8cae36c7811a0e54eb99e9a03
SHA256: 34cfd2f04378874cc090e7210a7a3912f1ab57e50a919117e1269aa79dcd552e
SHA512: ab23d2535fbd1fa7fbdb4ea65180a97fa0be2ca340ddb670624f19c93e1bc24a
8a1f859a75751e3393b34d3e3a390ffb240f2da77c825e7785bc345cc7ba6117
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.2%)
Clipper DOS Executable (9.1%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x10001000
timedatestamp.....: 0x0 (Thu Jan 01 00:00:00 1970)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xe000 0xd400 7.99 4f8abd248c53356750e761639b096b1c
.data 0xf000 0x1000 0x400 4.64 2936cf41fd4ce83a48f9a83b55874d4c
.rdata 0x10000 0x2f000 0xd800 7.96 e216ead99760042dc4971b29e2b5b1cd

( 3 imports )
> USER32.dll: OemToCharBuffA, MessageBoxA, MessageBeep, LoadCursorFromFileA, LoadCursorA, EndPaint, EndDialog, EmptyClipboard, DrawTextA, DestroyCursor, CreateIconFromResourceEx, CreateDesktopA, CopyRect, CharToOemBuffA, CharNextA, ActivateKeyboardLayout
> KERNEL32.dll: lstrcmpiA, ReadFile, MapViewOfFile, InitializeCriticalSection, GetVersionExA, GetSystemTimeAsFileTime, GetStartupInfoA, GetModuleHandleA, ExitProcess, EnumResourceTypesA, EnumResourceLanguagesA, CloseHandle
> ADVAPI32.dll: RegQueryValueA, RegOpenKeyExA, RegCloseKey

( 0 exports )
Prevx info: http://info.prevx.com/aboutprogram [...] 0094609871

ATENTION ATTENTION: VirusTotal est un service gratuit offert par Hispasec Sistemas. Il n'y a aucune garantie quant à la disponibilité et la continuité de ce service. Bien que le taux de détection permis par l'utilisation de multiples moteurs antivirus soit bien supérieur à celui offert par seulement un produit, ces résultats NE garantissent PAS qu'un fichier est sans danger. Il n'y a actuellement aucune solution qui offre un taux d'efficacité de 100% pour la détection des virus et malwares.

Supprime le fichier.